Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week and year to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The Australian amendment bill aims to enforce companies to comply with government regulations and provide adequate security to customer data by increasing its penalty. The amendment introduces an alteration to the existing bill which states the maximum penalty for serious or repeated privacy breaches is $2.22 million, the new bill establishes a penalty of whichever is the greater of:
• $50 million;
• three times the value of any benefit obtained through the misuse of information; or
• 30% of a company's adjusted turnover in the relevant period.
The new bill also provides the Australian Information Commissioner more power to quickly share data breach information to help protect customers and resolve privacy breaches faster.
By Ministers.ag.gov.au
LastPass has sent an alert to its customers relating to a breach of its systems. The password manager reported that suspicious activity was discovered in a third-party cloud storage service and has launched an investigation into the incident. An unauthorised party is known to have accessed the system using information from a data breach caused in August 2022 resulting in access to “certain elements” of customer information. LastPass has stated that all passwords stored with them remain safely encrypted however are working to understand the scope of the incident.
By blog.lastpass.com
Network-based attacks are becoming a more popular way of infiltrating systems because they often leave minimal traces on source and target devices. Microsoft announced they will be partnering with Zeek to help the security teams combat these attacks more effectively. Zeek is now integrated as a component within Microsoft Defender for Endpoint. This provides new levels of network analysis capabilities based on deep inspection of network traffic.
By TechCommunity.microsoft.com
A combination of maturing & emerging consumer-facing cyber threats could add to the many challenges that enterprise security teams will have to deal with in 2023. Researchers at Kaspersky are looking at how the cyber threat landscape may evolve over the next year. Expect that threat actors will expand use of many of their current tactics while exploring new avenues for attacks on social media, streaming services, and online gaming platforms. The expansion of brands into the world of the metaverse could leave them at risk of attack.
"The metaverse represents an area where consumer threats will be different from years past," says Anna Larkina, a security expert at Kaspersky. "Fake, malicious VR and AR apps, as well as privacy risks and potential abuse associated with this new frontier, will account for threats we haven't necessarily seen before".
By DarkReading.com
NVIDIA’s latest GPU driver update contains fixes for 29 security vulnerabilities, two of which are considered critical. The first of the critical flaws is a “locally exploited user mode flaw”. This allows unprivileged users to access critical application files and modify them; this could lead to code execution, information disclosure, privilege escalation, and more.
The second critical flaw is similar but can be exploited remotely and is enabled by an unprivileged attacker causing an out-of-bounds write. This could also lead to code execution, privilege escalation, information disclosure, and denial of service.
There were also 7 high severity flaws addressed in this release. We recommend that all NVIDIA users update their drivers as soon as possible to ensure you are not at risk of exploitation.
By BleepingComputer.com
Critical vulnerabilities have been found in three popular remote keyboard applications on Android devices. PC Keyboard, Lazy Mouse, and Telepad are all apps that allow users to use their phone as a remote keyboard for their computer; the apps have a combined 2 million installs worldwide, meaning a lot of users are currently at risk.
The researchers that discovered these flaws have released a security advisory; the details show that exploitation of these flaws could lead to remote code execution and cleartext keylogging. All users who have installed one or more of these apps should consult this advisory and consider uninstalling the application. The official advisory can be found here.
By BleepingComputer.com
And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #214 – 2nd December2022
Why not follow us on social media:
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
